Sorting Out the Debate Over Cloud Computing

There are two extreme camps on either side of the cloud computing argument. One says everything is moving to the cloud, IT departments will be slashed, and businesses will save millions. The other says nothing will, due to various concerns such as security, performance and customization ability. Most businesses already use some cloud-based services, depending on how loosely "cloud" is defined.

First, we must identify what exactly is meant by "the cloud." There are two major aspects: hosted applications and infrastructure. Both are a form of outsourcing, but the implications are vastly different. We'll spend a bit of time explaining the differences before exploring the two sides of the cloud debate.

Applications hosted and run by another organization are said to be cloud-based services. Your bank probably provides a portal for managing various accounts. Your payroll company or check printing house provides a mechanism by which you can access their application, via a Web site. Even the most anti-outsourcing businesses use at least a few applications, via the Web, to communicate with partners and service providers.

Taking that one step further, today's Software as a Service (SaaS) models represent the true spirit of cloud-based applications. Instead of buying a CRM product, for example, and installing it on your servers, you can now simply use the vendor-provided Web access and get all the functionality without the hassle. Moving to hosted applications saves IT staff time, capital budgets, and hassle. It makes a great deal of sense to let the people who wrote the software host it for you, since they are the experts.

Many cloud-only service providers have cropped up lately, to fulfill a market demand for hosted applications. Salesforce is the premiere example, and they have certainly proven that there is space in the market for SaaS companies to re-implement traditional software as hosted solutions.

Infrastructure as a Service is computing outsourcing. Amazon EC2 provides the infrastructure where you can run operating system instances just as you would do on physical servers in a data center. Except you don't buy servers, you rent time on the cloud. The major selling point is that you can scale up computing resources very quickly with a cloud infrastructure, as opposed to purchasing and installing new servers yourself, but that point is also heavily debated.

The infrastructure component is what most IT people are referring to when they mention clouds. They are struggling with the options: use EC2, implement a compatible private cloud themselves, or skip it altogether.

The cloud infrastructure is essentially a better way to manage virtualization. It is also, some would say, "the right way to run servers."

Everything Is Moving

The promise of mass deployability of new operating system instances has thankfully forced the IT world as a whole to really embrace automation and configuration management. Long-time sysadmins often scoff at the marketing buzz around the cloud, because they have accomplished automated deployment and on-going configuration management of running systems a long time ago. The cloud concept is simply another smart layer, one that balances resources and possibly auto-migrates virtual machines when resource usage changes.

This is a good thing! It means that everyone agrees we're headed in the right direction. The right way to manage systems is with automated virtual machines, and the cloud concept is brilliant.

The "everything is moving to a public cloud" camp believes it makes no sense to run your own servers. Data centers, cooling, power -- it all is a waste of time and money, unless of course you're in the hosting business. Large-scale providers can do it all much more efficiently.

It'll Never Work

Stability is a problem. If Amazon has taught us anything, it's that they aren't very good at this cloud thing, or redundancy. Their storage infrastructure, S3, has had many outages and consistently under performs. Why would you move your important business computing needs to a single provider? Nobody is immune to outages, regardless of how redundant they are.

Security is another major concern. If a critical piece of S3 infrastructure becomes compromised, all businesses using S3 will have a major data breach. The servers running EC2 images, too, are a target for criminal hackers. It makes more sense to hide critical servers behind a corporate firewall that can be audited, rather than rely on the security of each individual EC2 instance (and Amazon's infrastructure).

Final Thoughts

At least, that's the argument. Personally, I don't buy the security argument, but stability, reliability and performance are highly suspect.

Another major point of contention is public versus private clouds. If you choose to run your own cloud infrastructure, you need to purchase more computing power than you necessarily need. To scale on-demand, capacity needs to be available. I think you will find that most businesses are currently in a half-virtualized state. They aren't running cloud-like infrastructure, but a large portion of their servers run as virtual machines. The utilization of those servers is higher (in a good sense) than it has ever been, but there are still a lot of applications running on bare metal.

As has already been happening, businesses will continue to move away from service- or server-based mentalities, toward application-specific uses. Applications can easily be segregated onto individual virtual machine instances, which provides security and manageability benefits (assuming proper automation exists). Those virtual machines can be run the "traditional way," or they can be part of a cloud infrastructure that eases management even further.

For many larger businesses, regardless their position in the cloud debate, it makes the most sense to implement a private cloud infrastructure that is compatible with EC2. If some instances need to be migrated to a public cloud in the future, and the security department OK's it, you're ready to do so.